[Purdue-pm] TripleDES
Mark Senn
mark at ecn.purdue.edu
Sat Mar 31 20:16:41 PDT 2012
Bradley Andersen wrote:
> If you do, here's an encrypted string and the key (base 64):
> RL5ZJUYNxNMnqa9wusptOSuDRAgIJ+mJ (string)
> L1uu9NwccM0TJWTmUj2heiO/WHMl7wKP (key)
SUMMARY---USE THIS CODE TO DECODE IT
Use this code to decode it. Perl may have something better that handles
the three parts of the key bundle behind the scenes but I think this may
work like you want.
#!/usr/bin/perl
use strict;
use warnings;
use Crypt::DES;
use MIME::Base64::Perl;
use feature 'say';
my $string64 = 'RL5ZJUYNxNMnqa9wusptOSuDRAgIJ+mJ';
my $key64 = 'L1uu9NwccM0TJWTmUj2heiO/WHMl7wKP';
my $string = decode_base64($string64);
my $key = decode_base64($key64);
my $key1 = substr $key, 0, 8;
my $key2 = substr $key, 8, 8;
my $key3 = substr $key, 16, 8;
my $cipher1 = new Crypt::DES $key1;
my $cipher2 = new Crypt::DES $key2;
my $cipher3 = new Crypt::DES $key3;
my $output = '';
while (length $string)
{
my $t = substr $string, 0, 8;
$output .= $cipher1->decrypt($cipher2->encrypt($cipher3->decrypt($t)));
$string = substr $string, 8;
}
say $output;
DETAILS---MISCELLANEOUS MUSINGS---SKIP UNLESS YOU'RE REAALLY INTERESTED
>From http://csrc.nist.gov/groups/STM/cavp/documents/des/tripledesval.html
Notice: The DES Transition Plan has ended as of May 19, 2007. The
DES Transition Plan addresses the use of single key DES by Federal
agencies, which are incorporated in cryptographic algorithms. Therefore
Triple DES Keying Option 3 (Key1 = Key2 = Key3) is no longer Approved.
>From reading I've done it looks like single and double DES are no
longer recommended but triple DES is still used.
The key is 32 characters long and each character is base 64
encoded so there are 32 * 6 = 192 bits in the key.
According to http://en.wikipedia.org/wiki/Triple_DES#Keying_options
Triple DES uses a "key bundle" which comprises three DES keys, K1,
K2 and K3, each of 56 bits (excluding parity bits). The encryption
algorithm is:
ciphertext = EK3(DK2(EK1(plaintext)))
I.e., DES encrypt with K1, DES decrypt with K2, then DES encrypt with K3.
Continuing with http://en.wikipedia.org/wiki/Triple_DES#Keying_options
Decryption is the reverse:
plaintext = DK1(EK2(DK3(ciphertext)))
I.e., decrypt with K3, encrypt with K2, then decrypt with K1.
See http://www.cryptosys.net/3des.html for instructions of how to
extract K1, K2 and K3 from the 192 bits in the key bundle.
Once you've got K1, K2, and K3 you may want to try using
MIME::Base64::Perl to do the
plaintext = DK1(EK2(DK3(ciphertext)))
-mark
More information about the Purdue-pm
mailing list